[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2020-12418":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T20:55:33.689Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":23,"aliases":24,"duplicate_of":9,"upstream":25,"downstream":26,"duplicates":85,"related":86,"reserved_at":9,"published_at":100,"modified_at":101,"state":102,"summary":103,"references_raw":112,"kevs":167,"epss":168,"epss_history":171,"metrics":436,"affected":447},"CVE-2020-12418","Manipulating individual parts of a URL object could have caused an out-of-bounds read, leaking process memory to malicious JavaScript. This vulnerability affects Firefox ESR \u003C 68.10, Firefox \u003C 78, and Thunderbird \u003C 68.10.0.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-125","Out-of-bounds Read","The product reads data past the end, or before the beginning, of the intended buffer.","weakness","Draft","Base",[19],{"id":20,"name":21,"techniques":22},"CAPEC-540","Overread Buffers",[],[],[],[],[27,29,31,33,35,37,39,41,43,45,47,49,51,53,55,57,59,61,63,65,67,69,71,73,75,77,79,81,83],{"_key":28},"RHSA-2020:2824",{"_key":30},"RHSA-2020:2825",{"_key":32},"RHSA-2020:2826",{"_key":34},"RHSA-2020:2827",{"_key":36},"RHSA-2020:2828",{"_key":38},"RHSA-2020:2906",{"_key":40},"RHSA-2020:2907",{"_key":42},"RHSA-2020:2966",{"_key":44},"RHSA-2020:3038",{"_key":46},"RHSA-2020:3046",{"_key":48},"OPENSUSE-SU-2024:10601-1",{"_key":50},"SUSE-SU-2020:14421-1",{"_key":52},"SUSE-SU-2020:1898-1",{"_key":54},"SUSE-SU-2020:1899-1",{"_key":56},"SUSE-SU-2020:1900-1",{"_key":58},"OPENSUSE-SU-2020:0967-1",{"_key":60},"OPENSUSE-SU-2020:0982-1",{"_key":62},"OPENSUSE-SU-2020:0983-1",{"_key":64},"OPENSUSE-SU-2020:1017-1",{"_key":66},"OPENSUSE-SU-2024:10600-1",{"_key":68},"OPENSUSE-SU-2024:14572-1",{"_key":70},"DSA-4713-1",{"_key":72},"DSA-4718-1",{"_key":74},"MGASA-2020-0274",{"_key":76},"MGASA-2020-0300",{"_key":78},"UBUNTU-CVE-2020-12418",{"_key":80},"USN-4408-1",{"_key":82},"USN-4421-1",{"_key":84},"DEBIAN-CVE-2020-12418",[],[87,88,89,90,91,92,93,94,95,96,97,98,99],{"_key":48},{"_key":50},{"_key":52},{"_key":54},{"_key":56},{"_key":58},{"_key":60},{"_key":62},{"_key":64},{"_key":66},{"_key":68},{"_key":74},{"_key":76},"2020-07-09T14:19:50.000Z","2024-08-04T11:56:51.647Z","Modified",{"cisa_kev":104,"cisa_ransomware":104,"cisa_vendor":9,"epss_severity":105,"epss_score":106,"severity":107,"severity_score":108,"severity_version":109,"severity_source":110,"severity_vector":111,"severity_status":102},false,"low",0.00878,"medium",6.5,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",[113,120,124,128,134,141,145,149,153,158,163],{"url":114,"sources":115,"tags":117},"https://www.mozilla.org/security/advisories/mfsa2020-24/",[116,110],"cve.org",[118,119],"X Refsource MISC","Vendor Advisory",{"url":121,"sources":122,"tags":123},"https://www.mozilla.org/security/advisories/mfsa2020-26/",[116,110],[118,119],{"url":125,"sources":126,"tags":127},"https://www.mozilla.org/security/advisories/mfsa2020-25/",[116,110],[118,119],{"url":129,"sources":130,"tags":131},"https://bugzilla.mozilla.org/show_bug.cgi?id=1641303",[116,110],[118,132,133,119],"Issue Tracking","Permissions Required",{"url":135,"sources":136,"tags":137},"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00023.html",[116,110],[119,138,139,140],"X Refsource SUSE","Mailing List","Third Party Advisory",{"url":142,"sources":143,"tags":144},"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00026.html",[116,110],[119,138,139,140],{"url":146,"sources":147,"tags":148},"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00027.html",[116,110],[119,138,139,140],{"url":150,"sources":151,"tags":152},"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00049.html",[116,110],[119,138,139,140],{"url":154,"sources":155,"tags":156},"https://usn.ubuntu.com/4421-1/",[116,110],[119,157,140],"X Refsource UBUNTU",{"url":159,"sources":160,"tags":161},"https://security.gentoo.org/glsa/202007-09",[116,110],[119,162,140],"X Refsource GENTOO",{"url":164,"sources":165,"tags":166},"https://security.gentoo.org/glsa/202007-10",[116,110],[119,162,140],[],{"date":169,"score":106,"percentile":170},"2026-06-04",0.75678,[172,176,179,182,185,188,191,194,197,200,203,205,208,210,212,216,219,222,225,229,232,234,237,240,242,245,248,251,254,257,260,263,266,269,272,274,277,280,283,286,290,293,296,299,302,305,308,310,313,316,319,322,325,328,332,335,338,341,344,347,350,353,357,360,363,366,369,372,374,377,379,382,385,388,391,394,396,399,401,403,406,409,412,415,418,421,424,427,430,433],{"date":173,"score":174,"percentile":175},"2025-11-04",0.02374,0.84413,{"date":177,"score":174,"percentile":178},"2025-11-05",0.84418,{"date":180,"score":174,"percentile":181},"2025-11-06",0.84421,{"date":183,"score":174,"percentile":184},"2025-11-07",0.84428,{"date":186,"score":174,"percentile":187},"2025-11-08",0.84434,{"date":189,"score":174,"percentile":190},"2025-11-09",0.84429,{"date":192,"score":174,"percentile":193},"2025-11-10",0.84425,{"date":195,"score":174,"percentile":196},"2025-11-11",0.8443,{"date":198,"score":174,"percentile":199},"2025-11-12",0.8444,{"date":201,"score":174,"percentile":202},"2025-11-13",0.84446,{"date":204,"score":174,"percentile":202},"2025-11-14",{"date":206,"score":174,"percentile":207},"2025-11-15",0.84439,{"date":209,"score":174,"percentile":199},"2025-11-16",{"date":211,"score":174,"percentile":196},"2025-11-17",{"date":213,"score":214,"percentile":215},"2025-11-18",0.01357,0.78475,{"date":217,"score":214,"percentile":218},"2025-11-19",0.78483,{"date":220,"score":214,"percentile":221},"2025-11-20",0.7849,{"date":223,"score":174,"percentile":224},"2025-11-21",0.84442,{"date":226,"score":227,"percentile":228},"2025-11-22",0.02125,0.83596,{"date":230,"score":227,"percentile":231},"2025-11-23",0.8359,{"date":233,"score":227,"percentile":231},"2025-11-24",{"date":235,"score":227,"percentile":236},"2025-11-25",0.83587,{"date":238,"score":227,"percentile":239},"2025-11-26",0.83586,{"date":241,"score":227,"percentile":239},"2025-11-27",{"date":243,"score":227,"percentile":244},"2025-11-28",0.83575,{"date":246,"score":227,"percentile":247},"2025-11-29",0.83598,{"date":249,"score":227,"percentile":250},"2025-11-30",0.83601,{"date":252,"score":227,"percentile":253},"2025-12-01",0.83672,{"date":255,"score":227,"percentile":256},"2025-12-02",0.83674,{"date":258,"score":227,"percentile":259},"2025-12-03",0.83677,{"date":261,"score":227,"percentile":262},"2025-12-04",0.83605,{"date":264,"score":227,"percentile":265},"2025-12-05",0.83609,{"date":267,"score":227,"percentile":268},"2025-12-06",0.83607,{"date":270,"score":227,"percentile":271},"2025-12-07",0.83599,{"date":273,"score":227,"percentile":250},"2025-12-08",{"date":275,"score":227,"percentile":276},"2025-12-09",0.83612,{"date":278,"score":227,"percentile":279},"2025-12-10",0.83632,{"date":281,"score":227,"percentile":282},"2025-12-11",0.83646,{"date":284,"score":227,"percentile":285},"2025-12-12",0.83655,{"date":287,"score":288,"percentile":289},"2025-12-13",0.01575,0.81055,{"date":291,"score":288,"percentile":292},"2025-12-14",0.8105,{"date":294,"score":288,"percentile":295},"2025-12-15",0.81049,{"date":297,"score":288,"percentile":298},"2025-12-16",0.8106,{"date":300,"score":288,"percentile":301},"2025-12-17",0.81069,{"date":303,"score":288,"percentile":304},"2025-12-18",0.81089,{"date":306,"score":288,"percentile":307},"2025-12-19",0.81096,{"date":309,"score":288,"percentile":304},"2025-12-20",{"date":311,"score":288,"percentile":312},"2025-12-21",0.81085,{"date":314,"score":288,"percentile":315},"2025-12-22",0.81083,{"date":317,"score":288,"percentile":318},"2025-12-23",0.81087,{"date":320,"score":288,"percentile":321},"2025-12-24",0.81099,{"date":323,"score":288,"percentile":324},"2025-12-25",0.81116,{"date":326,"score":288,"percentile":327},"2025-12-26",0.81117,{"date":329,"score":330,"percentile":331},"2025-12-27",0.00881,0.74863,{"date":333,"score":288,"percentile":334},"2025-12-28",0.81103,{"date":336,"score":288,"percentile":337},"2025-12-29",0.811,{"date":339,"score":288,"percentile":340},"2025-12-30",0.81106,{"date":342,"score":288,"percentile":343},"2025-12-31",0.8112,{"date":345,"score":288,"percentile":346},"2026-01-01",0.81197,{"date":348,"score":288,"percentile":349},"2026-01-02",0.81192,{"date":351,"score":288,"percentile":352},"2026-01-03",0.81187,{"date":354,"score":355,"percentile":356},"2026-01-04",0.01761,0.82141,{"date":358,"score":355,"percentile":359},"2026-01-05",0.82138,{"date":361,"score":355,"percentile":362},"2026-01-06",0.82142,{"date":364,"score":355,"percentile":365},"2026-01-07",0.82144,{"date":367,"score":355,"percentile":368},"2026-01-08",0.82151,{"date":370,"score":355,"percentile":371},"2026-01-09",0.82152,{"date":373,"score":355,"percentile":371},"2026-01-10",{"date":375,"score":355,"percentile":376},"2026-01-11",0.82149,{"date":378,"score":355,"percentile":356},"2026-01-12",{"date":380,"score":355,"percentile":381},"2026-01-13",0.82139,{"date":383,"score":355,"percentile":384},"2026-01-14",0.8216,{"date":386,"score":355,"percentile":387},"2026-01-15",0.82158,{"date":389,"score":355,"percentile":390},"2026-01-16",0.82168,{"date":392,"score":355,"percentile":393},"2026-01-17",0.8217,{"date":395,"score":355,"percentile":390},"2026-01-18",{"date":397,"score":355,"percentile":398},"2026-01-19",0.82163,{"date":400,"score":355,"percentile":398},"2026-01-20",{"date":402,"score":355,"percentile":393},"2026-01-21",{"date":404,"score":355,"percentile":405},"2026-01-22",0.82177,{"date":407,"score":355,"percentile":408},"2026-01-23",0.82201,{"date":410,"score":355,"percentile":411},"2026-01-24",0.82207,{"date":413,"score":355,"percentile":414},"2026-01-25",0.82198,{"date":416,"score":355,"percentile":417},"2026-01-26",0.82196,{"date":419,"score":355,"percentile":420},"2026-01-27",0.82194,{"date":422,"score":355,"percentile":423},"2026-01-28",0.82195,{"date":425,"score":355,"percentile":426},"2026-01-29",0.82197,{"date":428,"score":355,"percentile":429},"2026-01-30",0.82202,{"date":431,"score":355,"percentile":432},"2026-01-31",0.82208,{"date":434,"score":355,"percentile":435},"2026-02-01",0.82283,[437],{"source":110,"cvss_v2_0":438,"cvss_v3_0":9,"cvss_v3_1":443,"cvss_v4_0":9},{"baseScore":439,"baseSeverity":9,"vectorString":440,"impactScore":441,"exploitabilityScore":442},4.3,"AV:N/AC:M/Au:N/C:P/I:N/A:N",2.9,8.6,{"baseScore":108,"baseSeverity":444,"vectorString":111,"impactScore":445,"exploitabilityScore":446},"MEDIUM",6,7.2,[448,463,479,488,497],{"ecosystem":9,"name":449,"vendor":450,"product":451,"cpe_part":452,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":453},"ubuntu linux","canonical","ubuntu_linux","o",[454,457,459,461],{"version":455,"is_range":104,"range_type":456,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"16.04","cpe",{"version":458,"is_range":104,"range_type":456,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.04",{"version":460,"is_range":104,"range_type":456,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"19.10",{"version":462,"is_range":104,"range_type":456,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"20.04",{"ecosystem":9,"name":464,"vendor":465,"product":466,"cpe_part":467,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":468},"Firefox","mozilla","firefox","a",[469,474],{"version":470,"is_range":471,"range_type":456,"version_start":9,"version_start_type":9,"version_end":472,"version_end_type":473,"fixed_in":9},"lt78.0",true,"78.0","excluding",{"version":475,"is_range":471,"range_type":116,"version_start":476,"version_start_type":477,"version_end":478,"version_end_type":473,"fixed_in":9},">= unspecified, \u003C 78","unspecified","including","78",{"ecosystem":9,"name":480,"vendor":465,"product":481,"cpe_part":467,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":482},"firefox esr","firefox_esr",[483,486],{"version":484,"is_range":471,"range_type":456,"version_start":9,"version_start_type":9,"version_end":485,"version_end_type":473,"fixed_in":9},"lt68.10","68.10",{"version":487,"is_range":471,"range_type":116,"version_start":476,"version_start_type":477,"version_end":485,"version_end_type":473,"fixed_in":9},">= unspecified, \u003C 68.10",{"ecosystem":9,"name":489,"vendor":465,"product":490,"cpe_part":467,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":491},"Thunderbird","thunderbird",[492,495],{"version":493,"is_range":471,"range_type":456,"version_start":9,"version_start_type":9,"version_end":494,"version_end_type":473,"fixed_in":9},"lt68.10.0","68.10.0",{"version":496,"is_range":471,"range_type":116,"version_start":476,"version_start_type":477,"version_end":494,"version_end_type":473,"fixed_in":9},">= unspecified, \u003C 68.10.0",{"ecosystem":9,"name":498,"vendor":499,"product":498,"cpe_part":452,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":500},"leap","opensuse",[501,503],{"version":502,"is_range":104,"range_type":456,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15.1",{"version":504,"is_range":104,"range_type":456,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15.2"]